David A. Wheeler

This book provides a set of design and implementation
guidelines for writing secure programs.
Such programs include application programs used as viewers of remote data,
web applications (including CGI scripts),
network servers, and setuid/setgid programs.
Specific guidelines for C, C++, Java, Perl, PHP, Python, Tcl,
and Ada95 are included.
It especially covers Linux and Unix-based systems, but much of its
material applies to any system.
For a current version of the book, see
http://www.dwheeler.com/secure-programs